<?php
session_start();
require("conn.php");

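// Profile update handler: stores the posted e-mail, phone, password and an
// optional profile image for the student identified by $_SESSION["UserIDst"].
//
// Security-relevant behaviour of this block:
//   * every rejection stops the request, so a failed check can never fall
//     through to the file move or the UPDATE;
//   * the upload is validated by extension (last dot, case-insensitive) and by
//     content (getimagesize), and is stored under a sanitised name;
//   * every value placed in the SQL string is escaped for the connection.
//
// NOTE(review): the mysql_* extension used here was removed in PHP 7. Moving to
// mysqli/PDO prepared statements needs changes in conn.php, which is not
// visible from this file.

/**
 * Print a JavaScript alert (plus an optional redirect) and stop the request.
 *
 * Both arguments are passed through json_encode() so they are always emitted
 * as valid JavaScript string literals.
 *
 * @param string      $message  Text shown in the alert box.
 * @param string|null $redirect Page to navigate to afterwards, or null for none.
 */
function alert_and_exit($message, $redirect = null)
{
	echo '<script language="javascript">';
	echo 'alert(' . json_encode($message) . ');';
	if ($redirect !== null) {
		echo 'window.location=' . json_encode($redirect) . ';';
	}
	echo '</script>';
	exit;
}

// Without a logged-in student the UPDATE below would run with an empty
// StudentID and the upload would be stored without an owner prefix.
if (!isset($_SESSION["UserIDst"]) || $_SESSION["UserIDst"] == "") {
	alert_and_exit("Dang ky khong thanh cong", "index.php");
}
$userId = $_SESSION["UserIDst"];

// Missing form fields become empty strings instead of raising notices.
$password = isset($_POST["pass"]) ? $_POST["pass"] : "";
$phone = isset($_POST["sdt"]) ? $_POST["sdt"] : "";
$email = isset($_POST["email"]) ? $_POST["email"] : "";

$upload = isset($_FILES["hinh"]) ? $_FILES["hinh"] : null;
// basename() drops any directory component from the client-supplied name.
$hinh = ($upload !== null && $upload["name"] != "") ? basename($upload["name"]) : "";

// NOTE(review): when no file is posted the original stored the bare user id in
// StudentImage; that is kept here so pages reading the column see the same value.
$storedName = $userId;

if ($hinh != "") {
	// Check the image extension. The LAST dot is used and the comparison is
	// case-insensitive.
	$allowed_filetypes = array('jpg', 'gif', 'bmp', 'png', 'jpeg');
	$ext = strtolower(pathinfo($hinh, PATHINFO_EXTENSION));
	if (!in_array($ext, $allowed_filetypes, true)) {
		alert_and_exit("Ban chi duoc phep upload tap tin la file anh", "editinfor.php");
	}

	// PHP reports uploads rejected by its own size limits through the error
	// code, not through "size".
	if ($upload["error"] === UPLOAD_ERR_INI_SIZE || $upload["error"] === UPLOAD_ERR_FORM_SIZE) {
		alert_and_exit("Kich thuoc tap tin qua lon");
	}
	if ($upload["error"] !== UPLOAD_ERR_OK) {
		alert_and_exit("Dang ky khong thanh cong", "editinfor.php");
	}

	// Same limit as before: the file must be smaller than 200000 bytes.
	$img_max = 200000;
	if ($upload["size"] >= $img_max) {
		alert_and_exit("Kich thuoc tap tin qua lon");
	}

	// The extension is client-controlled, so also require that the content
	// parses as an image.
	if (getimagesize($upload["tmp_name"]) === false) {
		alert_and_exit("Ban chi duoc phep upload tap tin la file anh", "editinfor.php");
	}

	// Build the stored name from a restricted character set plus the validated
	// extension, so inner dots ("name.php.jpg") and path separators never reach
	// the web-served directory. The same name is written to the database.
	$safeBase = preg_replace('/[^A-Za-z0-9_-]/', '_', $userId . pathinfo($hinh, PATHINFO_FILENAME));
	$storedName = $safeBase . '.' . $ext;

	// Do not record an image name in the database if the file was not stored.
	if (!move_uploaded_file($upload["tmp_name"], "imagestudent/" . $storedName)) {
		alert_and_exit("Dang ky khong thanh cong", "editinfor.php");
	}
}

// NOTE(review): MD5 is not a password hash. It is left in place because the
// login code that verifies StudentPass is outside this file; migrate both sides
// together to password_hash()/password_verify().
$st = sprintf(
	"update tblstudent set StudentEmail='%s',StudentPhone='%s', StudentImage='%s', StudentPass=md5('%s') where StudentID='%s'",
	mysql_real_escape_string($email, $conn),
	mysql_real_escape_string($phone, $conn),
	mysql_real_escape_string($storedName, $conn),
	mysql_real_escape_string($password, $conn),
	mysql_real_escape_string($userId, $conn)
);
$kq = mysql_query($st, $conn);
if (!$kq) {
	alert_and_exit("Dang ky khong thanh cong", "editinfor.php");
}

alert_and_exit("Dang ky thanh cong", "index.php");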
?>
